Turning off SELINUX
Dave Stevens
geek at uniserve.com
Fri Sep 6 05:55:46 UTC 2013
Quoting Rahul Sundaram <metherid at gmail.com>:
> Hi
>
>
> On Thu, Sep 5, 2013 at 5:58 PM, Javier Perez wrote:
>
>> I know SELinux is not about encryption, it is about limiting access to the
>> system AFTER a breach has ocurred. (That is my understanding AFAIK, and
>> that is why I think it is a good idea).
>> My beef is given the NSA origin of this software, It could very well have
>> a backdoor to turn itself off under the appropriate circumstances like an
>> NSA-sponsored breach an allow unrestricted access to my system..
>>
>
> NSA is a *huge* organization with multiple divisions
>
> SELinux can prevent breaches as well as mitigate the extend of any
> breaches depending on the situation but more importantly, it is fully free
> and open source software and part of the upstream Linux kernel which has
> been thoroughly reviewed and powered competing Govt agencies including both
> US and Russian defense.
>
> As a side note, running SELinux doesn't prevent say someone monitoring your
> email or chat unless you are encrypting all of that and even then it might
> be just a speed bump for NSA. If you want to change what they do, engage
> in the right political advocacy groups.
>
> Rahul
>
Not to contradict what Rahul says, which I agree with, you might also
want to read this:
http://cm.bell-labs.com/who/ken/trust.html
Old but still relevant.
Dave
--
Advertising is the rattling of a stick inside a swill bucket - George Orwell
More information about the users
mailing list